8 Arrested in $4.5 Million SchemeArrests, Sentencing Called Big Wins in War on Fraudsters
The sentencing of a Bulgarian man in the U.S. and the arrest of eight alleged hackers in Russia highlight positive steps international law enforcement agents and governments are taking toward thwarting cross-border financial crimes.
See Also: Top 50 Security Threats
A U.S. Attorney's Office in Maryland has sentenced Ivo Svetozarov Damyanov, 32, to 75 months on charges linked to skimming ATM and debit cards with the intent to obtain bank account details and PINs. In all, more than $400,000 in fraudulent transactions has been linked to Damyanov's ATM skimming scheme.
In a separate yet concurrent case, seven alleged Russian hackers and one from Abkhazia were arrested this week for roles they reportedly played in a $4.5 million online-hacking scheme that targeted bank accounts in Russia, Eastern Europe and the Netherlands between late 2010 and the fourth quarter of 2011.
What do these cases mean? According to financial security expert and McAfee consultant Robert Siciliano, the push for stronger international law enforcement collaboration is having an impact.
"I think it's safe to say, as referenced in the press release, that President Obama's Financial Fraud Enforcement Task Force is successfully waging an aggressive, coordinated and proactive effort to investigate and prosecute financial crimes," Siciliano says. "Anyone keeping score knows the Feds are making many more busts, as they are tuned into various criminal enterprises. Organized crime isn't running, but they are definitely looking over their shoulders."
The interagency task force is working to improve efforts across the federal executive branch, as well as with state and local partners, to investigate and prosecute financial crimes.
From Skimming to Phishing
Last September, Damyanov pleaded guilty to committing access device fraud and aggravated identity theft, and next week one of his co-conspirators, Hristo Georgiev Kostov, faces his own sentencing.
Between February 2009 and February 2011, Authorities say Damyanov and his conspirators placed skimming devices on ATMs located throughout Maryland.
The sentencing comes just days after a Romanian crime ring boss in Washington admitted to orchestrating a $300,000 ATM skimming scam that dated back to 2007. [See ATM Skimmer Pleads Guilty.]
Outside the United States, the Russian Federal Security Service arrested the eight suspects for the roles they played in a well thought-out phishing scam that crossed several international borders. Working, in part, from information provided by security analyst firm Group-IB, which linked the hackers to an online banking Trojan called Caberb, helped Russian authorities catch the alleged hackers.
The Caberb Trojan, coupled with malware, was allegedly used to establish remote access to computer systems and databases. Once remote entry was accomplished, the hackers reportedly installed keyloggers or just took systems over.
The hackers are believed to have used popular news sites and online stores to spread their malicious software.
In the wake of these sentencings and arrests, Neal O'Farrell, executive director of The Identity Theft Council, says increased cooperation between the financial industry and law enforcement is obvious. And recent successes in dismantling some of the aforementioned crime groups only further support the work that's been done. But more is always needed.
"While ATM skimming is not necessarily the costliest fraud or the easiest to pull off, it does seem to be the one that's having the most impact on customer confidence and that's what has financial institutions worried," O'Farrell says. "This type of attack feels very personal to consumers because it's often the closest they come to the actual crime. So while consumers are getting the message and are more aware, they still don't like it. And financial institutions don't want their customers to worry about ATM transactions or debit card use."